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ABSTRACT 


The Chinese Remainder Problem appeared around the first century AD in Sun 
Zie’s book. Its uses ranged from the computation of calendars and counting soldiers 
to building the wall and base of a house. Later on, it became known as the Chinese 
Remainder Theorem involving integers and remainders under division. Over a period of 
time, people had expanded the theorem into abstract algebra for rings and principal ideal 
domains. Furthermore, the application of the Chinese Remainder Theorem can be found 
in computing, codes, and cryptography. 

In this manuscript, the Chinese Remainder Theorem will be introduced as the 
original theorem dealing with integers. Then, its expansion and application into rings, 
principal ideal domains, and Dedekind Domains will be discussed. Finally, we will see how 


the theorem, as a secret-sharing scheme, takes part in the development of cryptography. 
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Chapter 1 


Introduction 


In the mid thirteenth century, a method for solving systems of linear congruences 
was published by the Chinese mathematican Ch’in Chiu-Shao. He wrote the Mathematical 
Treatises in the Nine Sections. This method was then called the Chinese Remainder 
Theorem due to the contribution of Ch’in Chiu-Shao ([Gal06]). 

In an old guide book for magicians ([DPS96]), the form of the Chinese Remainder 
Theorem is found as a mind-reading trick to impress the audience. A magician would 
ask a helper to think of a number less than 60. Then the helper is asked to divide this 
number by 3 and tell the remainder. The process continues as the helper divides the 
original number by 4 and 5. Upon hearing the remainders, the magician will announce 
the number. For example, the number will be 23 corresponding to the remainders 2, 3, 
and 3, obtained by dividing by 3, 4, and 5 respectively. By the instruction of the guide 
book, the magician divides the numbers 40a + 45) + 36c by 60 where a, b, c are the three 
remainders. So, in the above case 40 x 2+-45x3+36x3 = 80+1354+108 = 323+60 = 5r23. 
The last remainder 23 is the answer. This is a concrete example of using the Chinese 
Remainder Theorem with three moduli. 

In arithmetic, modulo indicates a congruence relations on the integers. Two 
integers a and b are said to be congruent of modulo m if their difference a—b is a multiple of 
m. Also if we divide both a and b by m, their remainders will be the same. The magician 
problem above starts with simple moduli of the integers; however, the congruence relation 
is expanded into abstract algebra with the operations on rings, domains, fields, and so 


on. 


The Chinese Remainder Theorem began with a problem similar to that of the 
magician and the Chinese used its algorithm to calculate the calendar, compute the 
number of soldiers when marching in lines, or compute the construction of building a 
wall. Nowadays, we have found more uses involving the application of this theorem. 
In dealing with logic and mathematics, the theorem was used to prove that any finite 
sequence of integers can be represented in terms of two integers ([DPS96]). The property 
shows part of the power of the Chinse Remainder Theorem which will be proved in chapter 
4, : 

Property: Let a;, 0 <i < t, bea finite sequence of nonnegative integers. Then 
there are integers u and v such that (wu mod (1+ (¢+1)v)) = aj, for every i = 0,1,..., t. 

Modern mathematicians also generalized the theorem into rings and integral 
domains which is our topic in chapter 3. Other applications that directly involve the 
theorem are seen in Dedekind domains and cryptography which will be discussed in 
chapter 4. In dealing with cryptography, the theorem itself is already a secret-sharing 
scheme which as mentioned above, was employed to compute the number of soldiers 
to prevent the enemy from such information as follows. A general asks his soldiers to 
stand in 1,79, ...,) 7% rows in turn, and each time he counts the remainders. Finally, he 
computes the number of his soldiers using the Chinese Remainder Algorithm, the process 
of applying the Chinese Remainder Theorem. This is a secret method to calculate the 
number of soldiers. 

Even though the theorem, originated as a puzzle, first appeared in China, the 
concept was also recognized in other areas of the world. There were several mathemati- 
cians exploring this idea. The work of Brahmagupta in Indian involved planar geometry, 
arithmetic progressions, and quadratic equations. A form of the theorem was also men- 
tioned in his work. Even though the Chinese Remainder Theorem was just a glimpse in 
Fibonacci’s work, we could see the substantial spread of the theorem. We will take a brief 
glance of how the Chinese Remainder Theorem is treated by Fibonacci. 

In Fibonacci’s book Liber Abaci, the Chinese Remainder Theorem was discussed 
as follows. “Let a contrived number be divided by 3, also by 5, also by 7; and ask each 
time what remains from each division. For each unity that remains from the division 
by 3, retain 70; for each unity that remains from the division by 5, retain 21; and for 


each unity that remains from the division by 7, retain 15. And as much as the number 


surpasses 105, subtract from it 105; and what remains to you is the contrived number. 
Example: suppose from the division by 3 the remainder is 2; for this you retain twice 70, 
or 140; from which you subtract 105, and 35 remains. From the the division by 5, the 
remainder is 3; for which you retain three times 21, or 63, which you add to the above 35; 
you get 98. From the division by 7, the remainder is 4, for which you retain four times 
15, or 60; which you add to the above 98, and you get 158, from which you subtract 105, 
and the remainder is 53, which is the contrived number. From this rule comes a pleasant 
game, namely if someone has learned this rule with you; if somebody else should say some 
number privately to him, then your companion, not interrogated, should silently divide 
the number for himself by 3, by 5, and by 7 according to the above-mentioned rule; the 
remainders from each of these divisions he says to you in order; and in this way you can 
know the number said to him in private.” ({[DPS96]) 

Fibonacci’s presentation is very similar to Sun Zi’s approach in generating a 
method to find the mystery number. Chinese Remainder type of problems as mentioned 
above were also considered by other mathematicans such as Euler, Gauss, and Lagrange. 


Its popularity took a great part in our modern application to cryptography. 


Chapter 2 


Foundation and Development of 


the Chinese Remainder Theorem 


2.1 Historical Development 


In historical times, problems involving finding the number of objects, such as 
the numbers of baskets, blocks of bricks, or numbers of soldiers in a group under certain 
conditions were to compute the remainders when dividing the mystery number in different 
steps. One of the examples was as follow: “We have a number of things, but do not know 
exactly how many. If we count them by threes we have two left over. If we count them 
by fives we have three left over. If we count them by sevens we have two left over. How 
many things are there?” ([DPS96]) 

This problem is presented in the mathematical classic of Sun Zi, a mathematician 
in ancient China. Sun Zi Suanjing, Sun’s Mathematical Manual was dated approximately 
to the beginning of Graeco-Roman time, A.D. 100 - A.D. 500. The oldest Chinese math- 
ematical classic is Chou Pei Suanjing. This book recorded mathematics for astronomical 
calculations. It was dated about 1000 B.C. The Pythagorean Theorem was used in the 
astronomical calculations in this book. Therefore, Sun Zi’s book is not the oldest Chinese 
mathematical classic; however, the Chinese Remainder Theorem appeared in it for the 
very first time. 

The calculation of calendars in ancient China was the main source of the re- 


mainder theorem. Around A.D. 237, the Chinese astronomers defined the starting point 


of the calendar as “shangyuan”, which is a moment that occurred simultaneously with 
the midnight of the first day of the 60 days cycle, the Winter Solstice and the new moon. 


The system of congruences 


xN =r; mod 60 


xN =r mod y 


indicates the number of years N after shangyuan. So for the above system of congurences, 
if the Winter Solstice of a certain year occurred r; days aftershangyuan and re days after 
the new moon, then that year was N years after shangyuan, where x is the number of 
days in a tropical year and y is the number of days in a lunar month. 

This example is considered the very first application of the Chinese Remainder 
Theorem ({[DPS96]. This kind of computation was also used in building a wall or the base 
of a house such as the construction of the Great Wall during feudal times 475-221 B.C. 
It is described as follows. To construct a rectangular base for a building, there are four 
kinds of materials available: big cubic materials with each side 130 units long; small cubic 
materials with each side 110 units; city bricks that are 120 units long, 60 units wide, and 
25 units deep; and “six-door” bricks that are 100 units long, 50 units wide, and 20 units 
deep. These four materials were used to build the base without breaking any of them into 
little pieces. Therefore, we end up with a system of congruences as we calculate different 
materials for each time a specific type of material is used. If big cubic materials are used, 
then 60 units base length is left, but 60 units more base width is needed. If small cubic 
materials are used, then 20 units based length is left, but 30 units more base width is 
needed. If the length of the city bricks is used, then 30 units base length is left, but 10 
units more base width is needed. If the width of the city brick is used, then 30 units base 
length is left, but 10 units more base width is needed. If the depth of the city bricks is 
used, then 5 units base length is left, and 10 units base width is needed. If the length, 
width and depth of the six-door bricks are used, the base length has 30, 30 and 10 units 
left respectively, and the base width has 10, 10 and 10 units left respectively. The goal is 
to determine how large the base length X and base width Y are. 

The above example is simplified into the following congruences where X is the 
material used each time and Y is the material needed: 

X = 60 mod 130 
= 30 mod 120 


= 20 mod 110 
= 30 mod 100 
= 30 mod 60 
= 30 mod 50 
= 5 mod 25 
= 10 mod 20 
and Y = 60 mod 130 
= 10 mod 120 
= 30 mod 110 
= 10 mod 100 
= 10 mod 60 
= 10 mod 50 
= 10 mod 25 
= 10 mod 20. 

As mentioned in Chapter 1, this algorithm is also used to compute the number 
of soldiers that went out for battles. To avoid the enemy of knowing the number of 
soldiers he has, a general would count his soldiers in a certain way. For example, first he 
asks his soldiers to line up in rows of 11, then in rows of 17, 29, and 31. Respectively, 
each time, he is reported with remainder 8, 5, 16, and 24. Then he will calculate his 
soldiers in private. Since not many people know of this secret computation, the general 
can conceal his number of soldiers. From this example, we compile the following system 


of congruences with relatively prime moduli where z would be the number of soldiers: 


x = 8 mod 11, 
xz =5 mod 17, 
xz = 16 mod 29, 
z= 24 mod 31. 


We will solve these three types of problems in the last section of this chapter. 


2.2 Basic Properties of Relatively Prime Integers 


Before introducing the theorem, there are several terms, lemmas, and theorems 


that we need to know concerning relatively prime integers. 


Definition 2.1. A set of integers is said to be pairwise relatively prime if every pair of 
integers a and b in the set have no common divisor other than 1, in other words (a, b) = 1 


where (a, b) is the greatest common divisor of a and b. 


Example 2.2. The set {10,7,33,13} is pairwise relatively prime because any pair of 
numbers has greatest common divisor equal to 1. 


(10,7) = (10,33) = (10, 13) = (7,33) = (7,13) = (33, 13) =1. 


This concept of pairwise relatively prime is used commonly in the Chinese Re- 
mainder Theorem. The property in the next theorem and those that follow are useful in 


dealing with greatest common divisors. 


Theorem 2.3. The greatest common divisor of the integers a and b, not both 0, is the 


least positive integer that is a linear combination of a and b. 


Proof: Let m be the least positive integer that is a linear combination of a and 
b. Then we have m = az + by for some integers xz and y. By the Division Algorithm, 
there exists integers g and r such that a= mq+r,0<r<m. Sor=a-—mmg. Substitute 
m by the linear combination above, we get r = a — (ax + by)q = (1 — zq)a — byg. Then 
r is a linear combination of a and b. Since 0 < r < m, and m is the least positive linear 
combination of a and b, we have r = 0. Therefore, m | a. Similarly m | b. Hence, m is a 
common divisor of a and b. Now let n be another divisor of a and b. For m = ax + by, if 
n|aandn|bthen n|m,son<m. Consequently, m is the greatest common divisor of 


a and b. 
O 


Proposition 2.4. For any integers a,b € Z, (a,b) = 1 if and only if ax + by = 1 for 


some integers x and y. 


Proof: By Theorem 2.3, we have (a, b) = 1 leading to az+-by = 1 for any integers 
x and y. Conversely, suppose that ax + by = 1, and let m = (a,b) then m|a and m| 6. 
So m | (aa + by). Hence m|1. Thus m = 1. 


O 


Lemma 2.5. For any integers a,b,c € Z,[a,b] | c, where [a,b] is the least common 


multiple of a and b, if and only if a |c and b|c. 


Proof: Suppose [a,b] | c. Then c = [a,b]x for some integer x. Also a | [a, 6], so 
[a,b] = ay for some integer y. So, we have c = axy. Hence, a | c. Similarly, we obtain 
bic. 

Conversely, if a | c and b | c, we try to prove that [a, b] | c. Let [a,b] = m. By 
the Division Algorithm, there exists integers q and r such that c= mq+7,0<r<m. 
We will show r = 0. Since a | c, a | mqg+r. However, [a,b] = m so a|m. Then a |r, 
so r = az for some z. Similarly, r = by for some y. But, r < m and m = [{a,}], hence, 


r= 0. Thus, c= mq, and m|c. Therefore [a, }] | c. 
O 


Definition 2.6. Let m be a positive integer. If a and b are integers, we say that a is 


congruent to b modulo m if m | (a — b). We write a = b mod m. 


Theorem 2.7. If a = b (mod mj), a = b (mod mg), ..., a = b mod (mx), where 
a,b, my, Ma, ..,M~ EZ and my, mo,...,m~ > 1, then a = b (mod [mj, me, ..., mg] ), where 


[m1, Ma, ..., Mz] is the least common multiple of m1, ma, ..., Mx. 


Proof: Let a = b (mod mj), a = b (mod mzg),.... a = 6 (mod m,z). Tthen 
my | (a—b), mg | (a— 9), ..., mp | (@— b). So, by Lemma 2.5, [m1, ma, ..., mz] | (a — DB). 


So a = b (mod [mi, me, ...mx])- 


Lemma 2.8. a. For any a,b,c € Z, (a,b) = (b,c) =1, then (ac, b) = 1. 

b. For any a1,42,...,@n € Z, if (a1,b) = (a,b) = ... = (an, b) = 1 then 

(a149...€n,6) = 1. 
Proof: 

a. Suppose (a, b) = 1. Then ax+by = 1 for some integers z, y. Similarly (b,c) = 1 implies 
bs+ct = 1 for some integers s,t. Then (ax+by)(bs+ct) = 1, so abrs+acat+b?ys+beyt = 1 
and acat + b(axs + bys + cyt) = 1. Hence (ac, b) = 1 by Proposition 2.4. 
b. We are going to prove this part by induction. 
For n = 1, we have (a,b) = 1 => (a,b) =1. 
Suppose (a1,b) = 1, (a2,6) = 1,... (@n4i1,b) = 1. Then by the induction hyposthesis, 
(a1@9...dn,6) = 1 and (an4i,6) = 1. Since aj, ag,..., Qn, € Z, then let aj -ag---an =c. So 


by part a, (c,b) = 1 and (@n41,6) = 1 implies (can41,b) = 1. Thus, (@1@...@nan41, b) = 1. 


O 


2.3. Chinese Remainder Theorem for Integers 


Now that we have some basic concepts to help us in solving the Chinese Remain- 
der puzzle given at the beginning of this chapter, we will start with our original theorem 


that gives the method to acquire the solution of the puzzle. 


Theorem 2.9. Let m1, mo, ..., mr be pairwise relatively prime positive integers. Then the 
system of congruences: 
L =a, (mod m,) 


ZL = aq (mod m2) 


x =a, (mod m,) 


has a unique solution modulo M = mjymz...m,r. 


Proof: Let M, = aM: = MjM2°+*Mp-1ME41°°*Mr. By Lemma 2.8, we know 

m 
that (Mz,ms) = 1 because (m;,m,) = 1 whenever j #4 k. Then myx + Myy, = 1 for 
some 2, yp. So Myy, = 1 (mod m,). Hence, y;, is the inverse of My, (mod mx). We form 


the sum: 
x= a, Myy, + agMoyo +... + ar Mr yr 


where x would be the solution of the r congruences. 

Since m, | M; whenever j 4 k, we have M; =0 (mod mx). So aj;Mjy; = 0 mod my, for 
j #k. Hence, from the sum we get z = a,Myy, = ay (mod mz) since Myy, = 1 (mod 
Mr): 

To prove that the solution is unique modulo M, we let x1 and x2 be two solutions to the 
system of r congruences. Then 21 = £2 = ay (mod mx) for each k. So mg | (xq — 21). 


By Theorem 2.7, M | (2 — 21). Hence, 1 = z2 (mod M),. 
| 


Now, we are going to use the construction of the solution in the proof of the 
Chinese Remainder Theorem to solve the problem first mentioned in section 1. Let x be 


the unknown number of objects. Then we have the system of congruences: 
xL = 2 (mod 3) 
x = 3 (mod 5) 
x = 2 (mod 7). 
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So M=3-5-7= 105. Hence, M, = > = 35, My = = 21, and Ms = > = 15, 
Then Myy; = 1 mod 3 becomes 35y; = 1 mod 8. Simplifying this congruence and solving 
for y, we get 2y,; = 1 mod 3 so that y, = 2 mod 3. Similarly, Moye = 1 mod 5 becomes 
2ly2 =1 mod 5. We get yo = 1 mod 5. Again, Mz3y3 = 1 mod 7 becomes 15y3 = 1 mod 
7 and we get y3 = 1 mod 7. 
Som =2-35-24+3-21-14+2-15-1= 140+ 63 + 30 = 233 = 23 (mod 105). To check 
this, note that 23 = 2 (mod 3), 23 =3 (mod 5), 23 = 2 (mod 7). 

The answer to this problem was explained in a verse in Chen Dawei’s book 
Suanfa Tongzong: “Three people walking together, it is rare that one be seventy. Five 
cherry blossom trees, twenty one branches bearing flowers, seven disciples reunite for the 
half-month. Taking away one hundred and five you shall know.” ([DPS96]) To understand 
this saying, let x be the unknown number. Divide x by three (people) and multiply the 
remainder by 70 = 35-2, divide x by five (cherry blossoms) and multiply that remainder 
by 21 = 21-1. Finally, divide x by seven (disciples) and multiply the remainder by 
15 = 15-1. Add all three results and subtract a suitable multiple of 105, i.e. find the 


remainder modulo 105, and you shall find a. 


2.4 Chinese Remainder Algorithm for Integers 


The Chinese Remainder Algorithm was generated based on Sun Zi’s method to 
solve the original problem. By the 13th century, Quin Jiushao gave a more general method 
which did not restrict the moduli m; to pairwise relatively prime numbers. His method, 
however, also converted the moduli into pairwise relatively prime numbers ([DPS96]). It 
is described as follows: 

Let m1, ™Mg,...,mM, be the moduli and | = Icm[m, ...,m |, the least common 
multiple of m1,...,™,. We are going to find a set of integers aj, Q2,..., a, satisfying: 

1. a; divides mj,i= 1, 2,..., k; 

2. gcd (a;,a;) = 1 for all 7 £ J; 

3. a1Q2....a, = lem[m), ..., Mp]. 

Then the system of congruences z = a; mod m, for i = 1,...,& is converted into x = a; 
mod a; for i = 1,...,k, where the moduli a; are pairwise relatively prime. 


To find the set of integers a; for i = 1,...,4, we need to complete the following 


11 


procedure. Consider the first case of k = 2: 

a. Let (m1, mg) = dy. If (m1/d,, me) = 1, then take ay = m1/d, and ag = m2. 

b. If (mi, m2/d1) = 1, then take a, = m, and ag = m2/de. 

c. If (my,m2/d,) = dz > 1, then calculate dj = (m/d2,m2d2/d1) where do 
divides d, and dg divides d,/d2. If dj = 1, then take a; = m;/d2 and ag = med2/di, 
otherwise calculate dy = (m1/ded3, med2d3/d). Continue this process until there exists 


an integer s such that d,;, = 1. Such an s exists because dj > dg >... > 0. Then take 
Pi Pap SUR Lic ec ey 

1 dodg...ds : Ge ee 
For the case of k moduli, apply the above algorithm to mz and m ,_ first to obtain a), 


(1) and m2 which will give us a), A,» 


Continue this procedure and finally apply the algorithm to alk?) and m}, obtaining 


Op ‘Then we apply the same algorithm to a 


Og, 24. Then the integers 1; Qo, sete 45 a, satisfy (ax, a,) =1fori=1,2,...,4—1 and 
a / f i Ul f 

Icm [a1, a9, .-., &%] = lomfay, a, ---) @p_1, Ok] = aglom[ay, A, -.., Ay_3]- 

So we have reduced the case of k moduli into k — 1 moduli. If we repeat this procedure, 


we will obtain the required aj,..., ap. 


Example 2.10. Let m, = 12 and m2 = 20 which are not pairwise relatively prime. Then 
lcm[12, 20] = 60. So by the procedure of step (a), (12,20) = 4. Then (=, 20) = 1. 80 
let ay = 3, and ag:'= 20. Thus (a1,a2) = 1 Therefore, we have ajag = 3.20 = 60 = 
lem[mimg]. If we have a system of congruences given by z = a, mod 12 and z = ag mod 
20, then it will become x = a, mod 3 and x = ag mod 20 where 3 and 20 are relatively 


prime. 


Example 2.11. Let m,; = 312 and mz = 16 where m, and mz are not pairwise relatively 


prime. Using the algorithm, let d; = (mi, m2) = (312,16) = 8. Then dz = (mi, ) = 
1 
d 
(312, 2) = 2. So dz = (3, — ) = (156,4) = 4. Continuing, ds = (st Jas, = 
dy’ dy i. dod3’ dy 
(39,16) = 1. Since dy = 1, we take a, = - = 39 and a = 228 aS = 16. Thus, a1 
243 1 


and ag satisfy the three conditions: 

1. a, divides m1 and a divides mo, 

2. (a1, a2) = 1, 

3. a1 Q2q = 39-16 = 624 = lem [mi, my]. 


Hence, the algorithm sets the moduli back to pairwise relatively prime. 


12 


In the calculation of the calendars application mentioned in section 1 the algo- 


rithm is used with 2 moduli. 


Example 2.12. Suppose the number of days in a tropical year is 365 and the number 
of days in a lunar month is 30. Then x = 365 and y = 30. Let r; be the number of days 
that the Winter Solstice occurs after shangyuan and rg be the number of days that the 


Winter Solstice occurs after the new moon, then we have the system of congruences 


365N = 11 mod 60 
365N =r2 mod 30 


which is converted into 


5N =r, mod 60 
5.N = rg mod 30 


where N is the number of years after shangyuan. By the Chinese Remainder Algorithm, 
we get d; = (60,30) = 30. Then dy = (60,1) = 1. So we take a; = 60 and ag = 1. So 


the new system of congruences will be 


dN =r, mod 60 
5N =rg mod 1. 


We will also use the above algorithm to illustrate the example of building walls 


in k moduli with k > 2. 


Example 2.13. Let X be the base length of the wall and Y be the base width. We are 
going to use the algorithm to set all the moduli of X and Y into pairwise relatively prime 
integers. Since the moduli of X and Y are the same, we apply the agorithm to X and 
use the new pairwise relatively prime moduli for Y as well. 
Recall that X = 60 mod 130 

= 30 mod 120 

= 20 mod 110 

= 30 mod 100 

= 30 mod 60 

= 30 mod 50 

=5 mod 25 


13 
= 10 mod 20. 


We start from the bottom up. First of all, let m;, 1 = 1,2,...,8 be as follow: 


m1 = 130, mz = 120, m3 = 110, m4 = 100, ms = 60, me = 50, m7 = 25, and mg = 20. 


25 
So we start with mg = 20 and m7 = 25. Then, d, = (20,25) = 5. So dz = (20, =o ih 


Consequently, d3 = G, =) = 1. Thus al) = = = 4 and af = 25. 

Now apply the algorithm to of) = 4 and mg = 50. Similarly, we have d, = (4,50) = 2. 
Then dp = (4, * =1. Soa! =4 and ak = 25. 

Continuing this process, apply the algorithm to a?) = 4 and ms = 60. Then d, = 
(4,60) = 4. So do = (4, >) = (4,15) =1. We have a) = 4 and af = 15. 


Next, apply the procedure to a?) = 4 and mg = 100. First, dj = (4,100) = 4. Then 
dy = (4, >) = (4,25) =1. So af? =4 and a, = 25. _ 

Again, the next pair is a) = 4 and m3 = 110. So d; = (4,110) = 2. Then dp = 
(4, ) = (4,55) = 1. Hence, af) = 4 and ay = 55. 


Consequently, the next pair is af?) = 4 and m2 = 120. We get d; = (4,120) = 4. Then 
120-2 

dz = (4, =) = (4,30) = 2. Hence, we continue to dg = G “ ) = (2,60) = 2. Thus, 

— ao) = (1,120) =1. Therefore, af =1 and al = 120. 


Lastly, the pair is a?) = 1 and m, = 130. Obviously, the two numbers are relatively 


dy = ( 


prime, so we obtain ag = 1 and a = 130. Now that we have just reduced the 8 
moduli into 7 with the last one relatively prime to the rest, we have the 7 moduli in 
order: 130, 120, 55, 25, 15, 25,25. Applying this procedure again we have d, = (ay, Og) = 


(25, 25) = 25, then dg = (25, =) = 1 So take fom = 25 and @, = 1. 


1 ' 
Next, d; = (25,15) = 5, so dz = (25, =) = 1. Hence, py = 25 and 6; = 3. 
2y pa Palen) ob ad gs oi, 
25 i 4 


Similarly, dy = (25,55) = 5, and dz = (25, =) = 1. Take 6S = 25 and 6, = 11. 


12 ’ 
Now we have d; = (25,120) = 5, so dp = (25, ia = 1. Then take pe) = 25 and fy = 24. 


130 ' 
Last, dj = (25, 130) = 5, then dp = (25, =) = 1. Therefore 67 = 25 and f; = 26. 


The new list of moduli now has become 26, 24, 11,1,3,1,25. We can see that every ele- 


Again, d, = (25,25) = 25, then dp = (25, 


ment is pairwise relatively prime with each other except the two moduli 26 and 24. So 


we will use the algorithm one more time to convert them to pairwise relatively prime. 
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Let d, = (26,24) = 2, then dy = (26, *) = 2, so d3 = ea “*) = 1. Thus the two 
moduli 26 and 24 now become 13 and 12. This, however, creates another non-pairwise 
relatively primes which are 12 and 3. Once again, we apply the algorithm to these two 
moduli. 
We have d; = (12,3) = 3, then dz = (12,1) =1. So the two new moduli are 12 and 1. 
Now we have a new system of congruences with pairwise relatively prime integers: 

X = 60 mod 13 = 8 mod 13 

= 30 mod 12 = 6 mod 12 


= 20 mod 11 = 9 mod 11 


= 30 mod 1=0 
= 30 mod 1 =0 
= 30 mod 1=0 
= 5 mod 25 

= 10 mod1=0. 


Using the Chinese Remainder Theorem,excluding all the mod 1 congruences, we obtain 
M =13-12-11-25 = 42,900. Therefore, M, = geet = 3,300, Mo = a = 3,575, 


13 
42,900 _ _ 42,900 _ 
i = 3,900, and M, = eS 1716. 


Then 3, 300y1 = 1 mod 13 becomes 1ly; mod 13, so y; = 6 mod 13. Again, 3,575y. = 1 
mod 12, so llyg = 1 mod 12, and yg = 11 mod 12. Similarly, 3,900y3 = 1 mod 11 be- 


3 


comes 6y3 = 1 mod 11, so y3 = 2 mod 11. Finally, 1,716y4 = 1 mod 25, so 16y4 = 1 mod 
20, and ys = 11 mod 25. Hence, x = 8-3, 300-6+6-3,575-11+9-3,900-2+5-1, 716-11 
= 558, 930 mod 42,900 = 1, 230 mod 42,900. So the base length of the wall is a multiple 
of 1, 2300 mod 42, 900. 
To solve for the base width of the wall, we set up the system of congruences just 
as above with the moduli relatively prime. 
Y = 60 mod 13 = 8 mod 13 
= 10 mod 12 
= 30 mod 11 = 8 mod 11 
= 10 mod1=0 
=10mod1=0 
=10mod1=0 
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= 10 mod 25 
= 10 mod1=0. 


So we have Y = 8-3, 300-6410-3,575-114 8-3,900-2+10-1, 716-11 = 802, 220 mod 
49,000 = 18, 220 mod 49,000. So the base width of the wall is a multiple of 18, 220 mod 
42, 900. 


Lastly, we will solve the problem of counting the number of soldiers. 


Example 2.14. As in section 1, we have a system of congruences for the number of 


soldiers going out to battle. 


xz =8 mod 11, 

xz =5 mod 17, 

x = 16 mod 29, 

xz = 24 mod 31. 
Since all the moduli are already relatively prime, we use the Chinese Remainder Theorem 
to solve for x. We have M = 11-17-29-31 = 168,113, so M, = ss = 15, 283, 

168, 1 

= a = 9,889, M3 = — = 5,797, and My, = sae 2 = 5,423. We 


determine y; by solving the congruence 15, 283y; = 1 mod 11, or equivalently, 4y; = 1 
mod 11. This yields y; = 3 mod 11. By solving 9, 889y2 = 1 mod 17, or equivalently, 
12y2 = 1 mod 17, we find y2 = 7 mod 17. Similarly, 5,797y3 = 1 mod 29, which is equal 
to 26y3 = 1 mod 29. We get y3 = 10 mod 29. Finally, we solve 5, 423y, = 1 mod 31 or 
29y4 = 1 mod 31. This gives yg = 16 mod 31. 


Hence, we calculate the number of soldiers going out to battles by 


x = 8-15, 283-3+5-9,889-7+ 16-5, 797-10 + 24-5, 423-16 = 3, 722.859 = 24, 373 
mod 168, 113. 


So the number of soldiers would be 24, 373 for that specific battle. 
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Chapter 3 


Various Formulations of the 


Chinese Remainder Theorem 


3.1 Rings, Ideals, and Homomorphisms 


From the original theorem dealing with integers, the Chinese Remainder Theo- 
rem is expanded into rings and domains. We now are looking at the Chinese Remainder 
Theorem that can be formulated for rings which have pairwise coprime ideals. Before 
introducing the expansion of Chinese Remainder Theorem for rings, we are going to get 


acquainted with a few definitions. 


Definition 3.1. A ring R is a nonempty set with two binary operations, addition (de- 
noted by a+ b) and multiplication (denoted ab), such that for all a,b,c in R: 
l.a+b=b+a. 

2. (a+b)+c=at(bt+c). 

3. There is an additive identity 0. That is, there is an element 0 in R such that a+0=a 
for alla in R. 

4, There is an element —a in R such that a+ (—a) = 0. 

5. a(bc) = (ab)ec. 

6. a(b+ c) = ab+acand (b+ c)a = ba + be. 

A ring is commutative when multiplication is commutative. 

A subset S' of a ring R is a subring of R if S itself is a ring with the operations of R. 


If R has a multiplicative identity, i.e. an element 1 € R such that r-1=1-2 =z then 
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R is said to be a ring with unity. 


Example 3.2. The set Z of integers under ordinary addition and multiplication is a 


commutative ring with unity. 


Example 3.3. The set nZ of integers multiples of n € Z under ordinary addition and 


multiplication is a commutative ring without unity and also a subring of Z. 


Example 3.4. The set R[z] of all polynomials in the variable x with real coefficients 


under polynomial addition and multiplication is a commutative ring. 


Definition 3.5. A subring J of a ring R is called an ideal of R if for every r € R and 


every i € I both ri and ir are in I. 


Theorem 3.6. Ideal Test 
A nonempty subset I of a ring R is an ideal of R if 
1. a—bET whenever a,be€ I. 


2. ra and ar are inI whenevera€ I andr € R. 


Proposition 3.7. Let R be a commutative ring with unity and let a € R. Then the set 
(a) = {ralr € R} is an ideal of R called the principal ideal generated by a. 


Proof: By the Ideal Test, let ra,sa € (a) where r,s € R. Then ra— sa = 
(r —s)a € (a) since r—s € R. Also, let x € R then zar = xra = (zr)a € (a) since Risa 


commuative ring. Therefore, (a) is an ideal. 
C] 


Example 3.8. For any positive integer n, the set of multiples of n, nZ = {0, +n, +2n, ...} 


= (n) is an ideal of Z. 


Example 3.9. Let R{z] be the set of all polynomials with real coefficients and let I be 


the subset of all polynomials with constant term. 0. Then J is an ideal of R[x] and I = (2). 


Definition 3.10. An integral domain is a commutative ring R with unity and no zero 


divisors, i.e. if ab = 0 where a,b € R, then a = 0 or b= 0 for all a, b. 
Example 3.11. The ring of integers Z is an integral domain. 


Example 3.12. The ring Z, of integers modulo a prime p is an integral domain. 


18 


Definition 3.13. A principal ideal domain is an integral domain R in which every ideal 


has the form (a) = {ra|r € R} for some a in R. 


Definition 3.14. Let R be ring and let I be an ideal of R and s,t € R. The set of cosets 
{r+I|r € R} denoted R/I is a ring under the operations (s + J) + (t+JI) =s+t+I 
and (s+ J)(t+ J) =st+TI. The ring R/T is called a factor ring. 


Example 3.15. Let Z be the ring of integers. The ring Z/4Z = {0 + 4Z,1 + 4Z,2+ 
4Z,,3 + 4Z} is a factor ring. For example, we have 

(2+ 4Z) + (3+4Z) =54+4Z=1+4+4Z=1+ 42, and 

(2+ 4Z)(3+ 4Z) =64+4Z =24+4+4Z=2+42Z. 


Example 3.16. Let R = R{z] and IJ = (x). We can see that (zx) = {r(x)-2|r(x) € R[z]} 
so R{z]/(z) = {f(x) + (z)|f(x) € R{z]} = {a + (x)|a € R} which is similar to the ring R 


as we will verify at the end of this section. 


Example 3.17. Let R = R[x] and I = (x*+1) be the principal ideal generated by 27+1. 
Then R[z]/(x?+1) is a factor ring. We have R[z]/(x7+1) = {g(x)+(x7+1)|g(x) € R[z]} 
= {ax +b+ (x? +1)|a, b € R}. 


Definition 3.18. Let Rj), Re,..., Ry be rings and J, I2,..., I, be ideals. Construct a new 


ring as follows. Let 
R/T, ® Ro/Ip ®--- 8 Rn/In = {((ai + hh, aot Ia,..-,€n + In)Jai + i € Ri/ Ti} 


and perform component-wise addition and mutiplication, that is 

(a1 +h, ag+lo,...,@nt+In)+ (bith, bet, ...,bntIn) = (ai tbith, agtbetls,...,an+ 
bn + In) 

and 

(a, +h, ae+Io, ...,@nt+In)(b1 +h, bo+Ia, ...,bnt+In) = (a1b1 +h, agbo+ Ia, ..., nba +In). 
This ring is called the direct sum of Ri /Iy, Ro/Io,..., Rn/In. 


Example 3.19. Let Z/(3)®Z/(5) be a direct sum. Then (1+ (3), 4+(5))+(2+(3), 
= (1424 (3),2+4+4 (5)) = (0+ (3),1+ (5)) and (1 + (3),4+4+ (5))(2 + (8),4 + (5)) 
= (1-2+4 (3),4-4+4+ (5)) = (2+ (3),1+4 (5)). 


Definition 3.20. A ring homomorphism ¢ from a ring R to a ring S is a mapping from 


Rto S that preserves the two ring operations; that is, for all a,b in R, 
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(a + b) = o(a) + 6(b) and (ab) = o(a)¢(0). 
A ring homomorphism that is both one-to-one and onto is called a ring isomorphism. 


Example 3.21. Let ¢ be the mapping from Z, to Ziq with x — x. Then $(2 + y) 
=5(2+y) = 52+ 5y = d(x) + o(y). Also, d(zy) = 5(ry) = 5.5(xy) since 5.5 = 5 in Zyo. 
Then (zy) = 52.5y = $(x)¢(y). So ¢ is a homomorphism. 


Theorem 3.22. Let ¢ be a homomorphism from a ring R to a ring S. Then kernel of 
¢, ker 6 = {r € R|b(r) = 0} ts an ideal of R. 


Proof: To prove this theorem, we are going to apply the ideal test. 
1. Let r,s € kerd then ¢(r) = ¢(s) = 0. Hence, ¢(r) — ¢(s) = 0 = ¢(r — s) since ¢ is a 
ring homomorphism. Therefore, r — s € ker®@. 
2. Let t € Rand r € kerd. Then ¢(r) = 0. Since ¢ is a ring homomorphism ¢(tr) = 
' b(t)d(r) = o(t) -0 = 0. Hence tr € kerd. 
From (1) and (2), ker ¢ is an ideal. 


0 


Example 3.23. Let ¢ be the mapping from Z[z] onto Z given by ¢(f(x)) = f(0) and let 
= $((f+9)(0)) = 
(f + 9)(0) = f(©) + 90) = o(F(z)) + o(9(a)), and o(f(x)g(z)) = o(f9(0)) = (F9)(0) = 
£(0) -9(0) = O(f(x)) - O(g(z)). Hence ker ¢ = {f(x) € Zlx]|f(0) = 0} = (x), ie. the 


kernel of ¢ is the set of polynomial with 0 constant term. 


f(x), g(x) € Z[z]. Then ¢ is a ring homomorphism since ¢(f (x) + g(x) 


Theorem 3.24. First Isomorphism Theorem for Rings 
Let ¢ be a ring homomorphism from R to S. Then the mapping from R/ker¢ to o(R), 
given by r+ kerd > P(r) is an isomorphism. In symbols, R/kerd = $(R). 


Proof: 
Let 6: R > S be a ring homomorphism. 
Let ¢: R/kerd — $(R) be the mapping defined by 
b(r + ker(¢)) = ¢(r). We will show this mapping is one-to-one, onto, and that 
operations are preserved. 
1. The mapping ¢ is well-defined. 
Let r+ker@ = s+kerg. Then r—s € kerg. So o(r—s) = 0. It follows that g(r) = ¢(s). 
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Hence, #(r + ker¢) = 6(r) = 6(s) = (s + ker). 

2. The mapping ¢ is one-to-one. 

Let d(r + ker¢) = O(s + ker¢). Then ¢(r) = ¢(s) which implies ¢(r) — ¢(s) = 0 since ¢ 
is a ring homomorphism. So ¢(r — s) = 0, then r — s € kerg and r+ ker@ = 8 + ker@. 
3. The mapping ¢ is onto. 

Let x € ¢(R). Then x = ¢(r) = o(r + ker¢) for some r € R. 

4. The mapping ¢ preserves addition and multiplication. 

We have 6((r + ker$) + (s + kerg)) = O((r + 8) + herd) = o(r +) = O(r) + 9s) 
= $(r + kerd) + (s + kerd). 

Also 4((r + ker@)(s + kerd)) = 9((rs) + ker) = o(rs) = $(r)}(s) = o(r + kerd)(s + 
ker). 

Then by 1-4, ¢ is an isomorphism. Therefore, R/kerd © $(R). 


O 


Example 3.25. Let ¢ be the mapping from Z to Zp, given by ¢(x) = Ox mod n. Then 
ker @ = (n) so Z/(n) & Zn. 
Example 3.26. Let ¢ be the mapping from R{z] to R given by 6(f(z)) = f(0) then ker 


@ = (x). So R{z]/(x) & R where (2) is the ideal of polynomials with zero constant term. 


3.2 Chinese Remainder Theorem for Rings and Domains 


We now extend the notion of relatively prime integers to coprime ideals in a ring 
R. This will allow us to extend the Chinese Remainder Theorem to rings and integral 


domains. 


Definition 3.27. In a commutative ring R, two ideals A and B are called coprime if 


A+B=R. 


Note that two principal ideals (a) and (b) are coprime in the ring of integers Z 
if and only if a and b are relatively prime. Therefore, coprime ideals are analogous to 


relatively prime integers. 


Proposition 3.28. Let R be a commutative ring with unity 
LIflI+J=R, thenIJ=INJ 
2. If Ty, Io, ...,In are coprime in pairs, then IyIg-+-In = (Vj Ih. 
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Proof: 

1. Letr Ee JJ. Then r =ij wherei € I andj € J. Sore J, andr € I since J and J are 
ideals. Hence r€ IO J. Therefore, lJ CIN J. 

Now we have (I+ J)\(INJ) =I(NJ)+ JINJS) =IINIS+ JINJIJI C IJ. Since 
I+J=Rthen J+ J)\(INJ)=U0NJ)ClJ.0 , 

2. We proceed by induction on n. The case for n = 2 is proven by part (1). Assume 
TyIp-++In-1 = ae I;. Suppose n > 2 and ie aa i Ae I;. Let J = Fes. a 
quae s Since J; + I, = R for 1 <i <n-—1, then 24;+y; = 1 for some 2; € J; 
and y; € I,. Thus ile = ate —y) =1mod Ih. Sol,+ J = R. Therefore, 

"= JIn =INIn = (Mh 


O 


Now it is time to use the First Isomorphism Theorem for Rings to prove the 


Chinese Remainder Theorem for rings with two ideals. 


Theorem 3.29. The Chinese Remainder Theorem for Two Ideals 
If R is a commutative ring and I and J are proper ideals with I+ J = R, then R/(IN J) 
is isomorphic to R/I ® R/J. 


Proof: We are going to use the First Isomorphism Theorem to prove this theo- 

rem. Let 6: R-— R/I ® R/J be the mapping defined by 
d(r) = (r+I,rt+J). 

1. ¢ is a well-defined map. 
Suppose there exist r,s € Randr = s. Then g(r) = (r+J,r+J) and $(s) = (s+I,s+J). 
Since r = s, we have r+I = s+JI andr+J =s+J. Therefore, (r+J,r+J) = (s+JI,s+J). 
Hence, ¢(r) = @(s). 
2. @ is a homomorphism. 
Suppose there exist a,b € R. Then d(a4+ 6) = (a+b64+TJ,a+b4+J) = (a+I4+b4 
ITa+J+64J)=(a+J,a+J)+(b+1,b+ J) = ¢(a) + 6(b). We also have ¢(ab) = 
(ab+TI,ab+ J) = ((a+J)(b4+ J), (a+ J)(b4+ J)) = (a4+-J,a+J)(b4+ 1,64 J) = d(a)g(b). 
3. ¢ is surjective. 
Let (@,b) € R/I® R/J. Then (4,6) = (a+J,b+ J) for some a,b € R. Since R=I+4 J, 
we havea =a2+y and b=s+t for some z,s € J and y,t € J. Consider y+ s. We 
obtain d(y+s) = (y+st+I,y+s4+J) = (y+I,s4+ J) since s € I,y € J. However, 
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GhaGelie= (aty+I,s+t+J)=(y+I,s+ J) since x € I andt€ J. So 
o(y +s) = (@,b). Therefore ¢ is onto. 

By the First Isomorphism Theorem, we now have R/kerd ® ¢(R). We know that 
¢$(R) = R/I ® R/J, so R/kerd = R/I@ R/J. 

4. Kerd6=IN J. . 

Lettre INJ. Sor € I andr € J. Then g(r) = (r+i1,r+J) = UJ). So 
r€ker¢>INJ Ckerd. 

Suppose 6 € ker@. Then (b+ /,b+ J) = (6) = UJ). Sob € I and b € J. Hence 
beINnJ=sker@C Und). 

From 1-4, we have R/(IN J) = R/I@ R/J. 


O 


We have to make sure that the ideals J and J are coprime, in other words, 
I+ J= so that ¢ will be surjective. If ¢ is not onto, then the mapping will not | 
necessarily be an isomorphism. The following example illustrates how the condition of 


pairwise coprime is necessary. 


Example 3.30. If R = Z, A; = (6) and Az = (4) then the mapping ¢: R/(A1M Az) — 
R/A, ® R/Ag is not surjective. 

Proof: Since the gcd(6,4) = 2, 6 and 4 are not relatively prime. So the ideals (6 and 
(4) are not coprime. Since (6) + (4) = (2) so A, + Ao # R since 1 ¢ (2). Also, 
Z/((6) 9 (4)) = Z/(2) = Ze; but, Zo 4 Z, @ Ze. There are only 2 elements in Zo but 


there are 24 elements in Z, @ Zg. Hence, ¢ cannot be surjective. 


Now, we are going to generalize the above theorem to n ideals. 


Theorem 3.31. The Chinese Remainder Theorem for n Ideals 
If R is a ring and Nh,...,In are ideals of R which are pairwise coprime, i.e. I; +1; = R 
whenever i #j, andI =()\j_, li, then R/I is isomorphic to R/I, ® R/I2@...® R/In. 


Proof: By induction, for n = 1, we have R/I = R/T. 
Assume that J;,...,In,In+1 are ideals of R which are pairwise coprime (J; + J; = R 


whenever i # j) and R/I is isomorphic to R/J, ® R/I2 ®... ® R/In where I = Nh. 
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Then by letting J = I,41 and using Theorem 3.29 and Theorem 3.30, we have R/(IN 
J) = R/I@R/J = R/S R/n@...8 R/I, ® R/J. Therefore R/I is isomorphic to 
R/T, ® R/In@... © R/In41 where I = OPI. 


0 


Corollary 3.32. Ifm € Z has the prime decomposition m = pe...pr by the Fundamental 
Theorem of Arithmetic, (kj > 0, pj distinct primes), then there is an isomorphism of rings 


Zim ZZ ny Xe XZ kb. 
7 Py! p;° 


Proof: Since all the p;’s are distinct primes, they are pairwise coprime and 
Zm © Z/(m). Therefore, by Theorem 3.32 and Proposition 3.29, we can see that Zm ~ 


Zin XX Zk, 
Py P; 
O 


Now that we have looked at the Chinese Remainder Theorem for rings through 
the mapping of isomorphism, we are going to reformulate theorem to be analogous to the 


theorem for integers. 


Theorem 3.33. General Chinese Remainder Theorem for Rings 
Let Ih,...,In be ideals in a ring R such that I; +1; = R for alli #3. If bi,...,bn € R, 
there there exists b € R such that b = bj (mod I;) fori = 1,2,...,n. Furthermore, b is 


uniquely determined up to congruence modulo the ideal I; N1gN...NIn. 


Just as Theorem 3.32, the ideals are pairwise coprime; however, instead of having 
the factor ring R/I isomorphic to the direct sum of all factor rings, we have the case of 
the intersection of all ideals which also combines several moduli to a new, larger modulo. 

Proof: 

Since 7 + Ig = Rand + J3 = R, then 

R= R? = (+lo)(ht+Is) = 2+ higtlht+lel3 C +IeI3 C y+(IoMIz) C R. 
Therefore, R = I, + (lo N13). Assume inductively that 

R=h+(2NIgn...AIp-1). 

Then 

Ra=R=a(h+(hn...9ha)(hth) Ch+(hnBgn..Ak) CR 

Therefore, R = 11 + (aM... I,). Consequently, R = I) + (Mizidi). Similarly, for each 
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k=1,2,...,.n,R = In + (Mizeli). Consequently, for each k there exist elements a, € I; 
and rp € Mixed; such that by = ag +r,. Furthermore r;, = by (mod Jy) and ry = 0 (mod 
I). fort k. 

Let b= ry +roat...+1m. Then b =r; mod J; and hence 6 = bj (mod Jj) for every i. 
Finally, if c € R is such that c = bj (mod J,) for every i, then b = c (mod J;) for each i, 
where b—c € J; for all i. Therefore, b—c € N?_,J; and b= c(mod ML, Ii). 


O 


Example 3.34. Let (2) and (3) be ideals in the ring Z. Then we can see that (2)+ 
(3) = Z For any a and ag € Z, there exists an a € Z such that a = a; mod 2 and a = ag 
mod 3. Then a = m mod (2)/M (3), or a = m mod (6) which takes us back to the general 


theorem for integers, Theorem 2.9. 


3.3. Chinese Remainder Theorem for Polynomial Rings 


Now let’s look at how the Chinese Remainder Theorem is applied to polynomial 


rings. There are a few terms we need to be familiar with. 


Definition 3.35. A unit in a ring R is an invertible element of R, i.e., an element b such 


that there is an a in R with ab = ba = 1p. 


Definition 3.36. A field is a commutative ring with unity in which every nonzero 


element is a unit. 
Example 3.37. For every prime p, the ring of integersmodulo p, denoted Z, is a field. 


Definition 3.38. Let D be an integral domain. A polynomial f(x) from D[z] that is 
neither the zero polynomial nor a unit in D[z] is said to be irreducible over D if, whenever 
f(x) is expressed as a product f(x) = g(x)h(z), with g(x) and h(z) from D[z], then g(z) 


or h(x) is a unit in D[z]. 


Note: Elements a and 6 of an integral domain D are called associates if a = ub 


where u is a unit of D. 


Theorem 3.39. Let f(a) and g(x) be irreducible polynomials over a field F. If f(x) and 
g(x) are not associates, then F[x]/(f(x)g(x)) is isomorphic to F[z]/(f(x)) ®F [x] /(g(x)). 
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Proof: By Theorem 3.29, and the First Isomorphism Theorem, to show that 
Fx\/(f(x)g(a)) is isomorphic to F[z]/(f(x)) @F[z]/(g(x)), 2e only need to check that 
if f(x) and g(x) are not associates, then (f(x)g(x)) = (f(x))(g(x)) = (f(x)) N (g(z)). 

Let r(x) € (f(x)g(x)), so r(x) = f(x)g(z)h(x) for some A(x) € Fia|. Then 
r(x) = [f(x)h(z)]g(x) since F is a field. Hence, r(x) € (f(x)) MN (g(x)) => (f(x)g(x)) C 
(f(2)) (g(a). 

Conversely, let s(x) € (f(x)) M (g(z)), so s(x) € (f(x)) and s(x) € (g(x)). Then, 
s(x) = f(x)h(x) and s(x) = g(x)r(z) for some h(x), r(x) € F[z]. Consequently, we 
have f(z)h(x) = g(x)r(x). Because f(x), g(x) are irreducible, (f(x)) + (g(x)) = F[z], so 
f(a)u(a) + 9(x)v(x) = 1. So s(x) f(a)u(x) + 6(a)g(x)u(a) = (2). 

Hence, s(x) = g(z)r(x) f()u(x) + f(@)A(z)9(x) v(x) = g(x) f(x) (r(x) u(x) + h(x) v(x) so 
s(x) € (f(z)g(2)), and hence (f(z)) N (g(#))  (F(ae)g(2)). 


O 
Example 3.40. For every prime p, the ring of integers modulo p, denoted Zp is a field. 
Definition 3.41. A monic polynomial is a polynomial whose leading coefficient is 1. 


Definition 3.42. Let a(x) and b(z) be polynomials not both zero with coefficients in a 
field F. The greatest common divisor of a(x) and b(x) is the monic polynomial d(x) of 


highest degree such that d(x) is a divisor of a(x) and b(z). 


Example 3.43. Let a(x) = 27+72+6 and b(x) = x?—5a—6. Then a(x) = (x+1)(a+6) 
and b(%) = (w+ 1)(x — 6). Hence the gcd(a(z), b(z)) =2+1. 


Theorem 3.44. General Chinese Remainder Theorem for Polynomial Rings. 
Let F be a field and let bi(x),...,bn(x) be arbitrary polynomials of F[z], m1(x), ..., Mn(z) 
and a;(2),...,@n(x) be polynomials of F(x] such that 


ged: (ax(e) angle) = 1 #128. n: 


Then the system of congruences 
ax(a)ula) = 6;(2) mod gua) aH 1 on 


has exactly one solution modulo m({x) = m4(r)mo(z)---mp(z). 
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Proof: Follow the proof of Theorem 3.32 and the Chinese Remainder Algorithm, 
we have gcd(a;(xz),m;(x)) = 1 for 1 <i<n. We can compute a polynomial ¢;(x) € F[z] 
such that cj(x)aj(z) = 1 mod m,(x) for all 1. Therefore, a;(x)u(xz) = bj(x) mod mi(z), 
+ = 1,2,...,n becomes u(x) = cj(x)b;(x) mod Be for 1 <i<n. Using the Chinese 


Mt 
Remainder Algorithm, we can find M(x) = [JTj_, -mi(z), then Mj(x) = = a Mo(z) = 
1 
aa) Swavely = ae) . Then proceeding as the algorithm, the solution is given by: 
ma(z) Mn (x) 


u(x) = by (x)c, (x) My (x)y1 (x) + b2(x)co(x)Mo(x)yo(x) +... + bn(x)en(z)Mn (x) yn(x) mod 


M(z), where y;(x) is the inverse of M;(x) mod m,(z) for 1 = 1, 2,...,n. 


Example 3.45. Let mi(z) = 29 +2+1 and mo(z) = 2? +27 +41 in Z/(2). Also, let 
a, =a*+a+1 andag=2+4+1. Since m; and a; cannot be factored, they are relatively 
prime for each i. By the Euclidean Algorithm we have (z + 1)m1(x) + x?a;(x) = 1 and 
mo(x) + 27a9(xz) = 1. So the inverses c;(x) of a;(x) are cy(x) = 2? and c2(x) = x”. Since 


xzmy1(x) + (a + 1)m2(x) = 1 we have a system of congruences 


ai(z)u(x) = b1(x) mod mj (z) 


ao(x)u(x) = bo(x) mod ma(z). 


The solution is given by u(x) = (a +1)2?me(zx)ri(x)+2-x?m1(x)re(xz) mod m(z), where 


m(x) = m1(x)mo(z). 
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Chapter 4. 


Applications of the Chinese 


Remainder Theorem 


4.1 Finite Sequence of Integers 


As mentioned in Chapter 1, the first indication of the power of the Chinese 
Remainder Theorem applies to finite sequences of integers. For any finite sequence of 
integers, we can find another two integers to represent it. Let first look at the theorem 


and its proof. 


Theorem 4.1. Let a;,0<i<t, be a finite sequence of nonnegative integers. Then there 


are integers u and v such that (u mod (1+ (i+1)v)) =a, for every i =0,1,...,t. 


Proof: Let a be the largest integer of the sequence a;, 0 < 1 < t, and define 
v= 2a-tl and m =1+v(i+1),0<i<t. We claim that the integers m;, 0 <i<t are 
relatively prime in pairs. By contradiction, let p be a prime number that divides both m; 
and m,, for some i > j. Then p divides the difference (+ 1)m,; — (g +1)mj =i-—j <t. 
Since p let divides m; and v is divisible by all integers less than or equal to t, we obtain 
that p = 1, which is not a prime. So the integers m; qualify as moduli for the Chinese 


Remainder Theorem. Hence, there is a number u such that 
u =a; mod m;,i=0,1,...t. 


Then, u mod m; = a; mod m; for all 0 < i < t. However, since a; < v < mj, we can 


conclude that a; mod m; = a; for0 <i<t. Therefore, u mod m; =a; for0<i<t. 
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O 


Below is an example using a small finite sequence of integers. For this sequence, 
we find two integers representing each term. If we apply this theorem to larger sequence, 


we should still be able to find two integers representing each term in the sequence. 


Example 4.2. Let {2,3, 5,6} be a finite sequence with a9 = 2, a, = 3, ag = 5 and a3 = 6. 
Then by the theorem, there are integers u and v such that u mod (1+ (¢+1)v) = a. We 
will show how to find u and v. The largest integer is 6, so by the proof of the theorem we 
have v = 2-6-3! = 72, and: mp = 1+ 72 = 73, my = 1+144 = 145, mo = 14216 = 217, 


m3 = 1+ 288 = 289. Then we obtain a system of congruences: 


u = 2 mod 73, 
u=3mod 145, 
u=5 mod 217, 
u = 6 mod 289. 


This system of congruence has a solution. Using the Chinese Remainder Theorem, we 
obtain M = 663,817,105, Mo = 9,093,385, M, = 4,578,049, My = 3,059,065, and 
M3 = 2,296,945. Next, we get 9,093, 385y9 = 1 mod 73 which yields yo = 12 mod 73; 
4,578, 049y, = 1 mod 145 which yields y; = 4 mod 145, next 3,059, 065y2 = 1 mod 217 
giving yo = 95 mod 217, finally 2,296,945y3 = 1 mod 289 giving y3 = 107 mod 289. 
Therefore, u = 2-9,093, 385 -12+3-4,578,049-4+5-3, 059, 065 -95+ 6-2, 296, 945 - 107 
= 545, 603,973 mod 663,817,105. Hence, we can represent the terms of the sequence 
using the two integers 72 and 545, 603, 973: 


2 = 545, 603, 973 mod (1+ 72-1), 
3 = 545, 603,973 mod (1 + 72-2), 
5 = 545, 603,973 mod (1+ 72-3), 
6 = 545, 603,973 mod (1+ 72-4). 


4.2 A Characterization of Dedekind Domains 


In number theory, the Fundamental Theorey of Arithmetic states that every 
natural number greater that 1 can be written as unique product of prime numbers. In 


abstract algebra, a Dedekind domain has a similar set up. 
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Definition 4.3. A Dedekind domain is an integral domain in which each ideal can be 


written as a product of a finite number of prime ideals. 


Definition 4.4. Let R be a ring and I is its ideal. If there exists an inverse ideal 


I71 = {xz € K|xi € R} where K is the quotient field of R then IJ~! = R. 
Proposition 4.5. In a Dedekind domain, every nonzero prime ideal is a maximal ideal. 


Proof: Let R be a Dedekind domain and p is nonzero prime ideal and p is not 
maximal. Let @ be another ideal of R such that p C a. Then a-!p C a“!a = R so 
a~'p is an ideal of R. Since a(a-!p) = p then a C pora ‘pC p. If a~'p C p then 
a~! C pp~' = R which implies that R C a so a= R. On the other hand, if a C p and by 


assumption, p C a then p=a. Therefore p is maximal. 
O 


Example 4.6. The ring of integers Z is an example of Dedekind domain. The principal 
ideals of Z are all generated by each integer such as (2) = {0,+2,+4,+6,...}. fae Z, 
it has a unique prime decomposition; therefore (a) can be written as a product of a finite 


number of ideals. That is, ifa = pe ---pkn, then (a) = (pe) --- (pkr), 


A principal ideal domain is always a Dedekind domain; however, a Dedekind 
domain may not be a principal ideal domain. The following proposition will state the 


condition in which a Dedekind domain is a principal domain. 


Proposition 4.7. If a Dedekind domain R has only a finite number of nonzero prime 


ideals P,,..., Py, then R is a principal ideal domain. 


Proof: For each i, choose b; € P;—P?. We are going to prove that (bj) = P; which 
implies that every prime ideal is principal, hence, FR is a principal ideal domain. Since R is 
a Dedekind domain and it has only a finite number of nonzero prime ideals P;,1 <i<n, 
then these prime ideals are also maximal ideals, and so P; + P; = R,i #7. Because R is 
a Dedekind domain, bj = [,Jo...Im, where I; = P;. By the Chinese Remainder Theorem 
3.32, we have b; = 1; mod P; and b; = 1 mod P;. Then since bj € Pj, (bi) C Pj. So 
I Ig...Im © P;. Then I; = P, for some j. Then we can rearrange the ideals so that 
(o;) = Pilh...Im-1. If I, = P, for some r, then (b;) = P?I)...Im—2, but this contradicts 
b; ¢ P?. So continuing this process, we have (bj) = P,Ih...Im_1 = P;AIN...NIm—1 where 
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Ih, ...,Im-—1 are distinct primes. Then b; € J; and since bj = 1 (mod J;), b; —1 € 1). So 
1 € J, and hence J; = R. Therefore, (b;) = P,. 


4.3 Cryptography Schemes 


The Chinese Remainder Theorem is applied in secret sharing, which is an im- 
portant topic of cryptography. The Chinese Remainder Theorem itself is a secret sharing 
scheme without any modification. Let mj, mz, ...,m; be t pairwise relatively prime posi- 
tive integers. Also let m = Tes m,;. Suppose that we have a secret which is an integer s 
such that 0 <s < m. Let P,, Po,...,.P, be the ¢t parties who are going to share the secret. 
Then P; has the residue s; = s mod m;, as the secret that is only known to P;. By the 
Chinese Remainder Theorem, the t pieces of information s; are sufficient to determine 
the original s. 

For the t parties, if we give out k shares, then the secret can be computed; 
otherwise, k — 1 shares will give a possible range of the secret. A (k,t) secret-sharing 
scheme is defined as follows. The t parties P; share a secret s with the following conditions: 
1. Each party has a share s; about the secret s which is not known to other parties. 

2. The secret s can be computed from any k shares s;. 

3. No k—1 shares s; give any information about the secret s. 

We are going to look at the two secret sharing schemes; one involves the integers and the 
other is for polynomials. 

Scheme 1 


Let mi, 1 = 1,2,...,t, be ¢ pairwise relatively prime integers no less than 2. We 
define 


min(k) = min{mi,mig++-mi,|1 <i1 < ... < ig < tH, 
maz(k — 1) = max{mi,mig+++Mi_,|1 St < tg < +++ < igi < th, 


where 1 <k < t. In other words, min(k) is the smallest product of & of the integers m; 
and maz(k — 1) is the greatest product of k — 1 of the integers m;. Choose w to be the 


largest positive integer such that 


31 


min{k) 
ewe max(k — 1) and 


e gcd (wim) = 1,7 = 1, 2,...,¢. 


Let m = min(k). 

The secret is the integer s such that 0 < s < w. Therefore, we assume that the secret is 
equally likely to be any integer between 0 and w — 1. 

We compute the shares for ¢ parties as follows. 

Let a € Z such that 0 < s+ aw < m, and let s =s-+aw. The shares are then 
given by 5; = s mod m ,i=1,2,...,t, where s; is the share of party P;. We are going to 
prove that k — 1 or fewer shares give no information about the secret; but any k or more 
shares determine the secret. 

Without loss of generality, suppose $1, 59,...,8, are known and 1<h <t. Let 
M= nee m, and M; = a for j = 1,2,...,h. Then (M;,m;) = 1. By Euclidean 
algorithm, there exist u;,v; € Z such that Mju;-+m,v; = 1. This can be done by solving 
Mju; = 1 mod mj; and m;vj = 1 mod M;. Then by the Chinese Remainder Algorithm, 
the system of congruences x = s; mod m; for 1 <i < A has a unique solution modulo MW 
given by © = 81 Myuy + soMouo +... + spMpun. 

Let s’ = ‘Sie Mju;s; mod M where 0 < s” < M, then s” = s; mod m;. We have two 
cases: 

Ifh >k then M > min(k) =m > w. By the Chinese Remainder Theorem s” = s’ since 
s’ = s; mod mi, s' < m < M and solutions to the system z = s; mod m; are unique 


modulo M. Now s’ mod w = (s + aw) mod w = s so the secret is given by s = s” mod 


w. 
Case 2: 
Ifh =k—-1 then M < mazlk - 1] < “. This follows since w < ane 2 implies 
w maa(k — 1] 
k-1 1 in| i; 
eh > — and so max[k—1] > my So w < — since w > 0. Now s! = s"+bM 
min{k] w M 


for some b where 0 < s’ < m since the solutions to the system z = s; mod m;, are unique 
modulo M. Then 0 < s’ < m implies 0 < 8s” + bM < m, so —s"” < bM < m—s" which 
it i 


it a 
—s m—s m—s m—s m—-M 
leads to —— <bd< = 
M 
m 


. Therefore,0 <b< . Al ——- 
erefore,O <b < | | sO, Vi > Vi 


. m™m ; 
wi > wa isince w < va So s = s' mod w = (s” + bm) mod w and since b ranges 
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_ oll _ 
: jandw—-1< |” 


Thus any k — 1 or fewer shares give no information about secret s. 


from 0 to [= |, s takes on 0,1,...,w— 1 equally likely. 


Now let’s see an example to see how the secret-sharing scheme works. 


Example 4.8. Let k = 3, t = 4, my = 5, mz = 7, m3 = 11, and mg = 13. Then m = 
min(k) = 5-7-11 = 385, and max (k —1) = 11-13 = 143. So there exists an integer w 

min(k)  __ 385 
maz(k—1) 148 
an integer where 0 < s < w. So s is either 0 or 1. Since t = 4, we need to compute 4 


such that w < and gcd (w,m;) = 1. We get w = 2. The secret s is 


shares. We choose an a where 0 < s+aw < _m. Hence 0 < aw < m-—s which implies 
oe m—s 385-1 


= 192. Choose a = 30, for example. Let s’ = s+aw =s-+ 60. 
The four shares are given by s; = s’ mod m;. Then s; = (s + 60) mod 5, s2 = (s + 60) 
mod 7, s3 = (s + 60) mod 11, and sq = (s + 60) mod 13. As the secret keeper, we let 
s = 1 then s; = 1 and sg = 5. Then M = mimo = 35, M; = 7, and My = 5. By the 
Euclidean Algorithm, we get 7-(—2)+5-3 = 1. Therefore, u = 2 and v = 3. Then by 
the Chinese Remainder Algorithm, we have s’ = Myu181 + Mougsq since h = 2. Then 
s" = (7-(—2) +8, +5-3- 82) mod 35 = (—14+ 75) mod 35 = 61 mod 35 = 26 mod 35. 
Since h = 3—1 = 2 we have s’ = s’ + bM = 26+ 35b whereO<b< — = 10. It 
follows that s = s’ mod 2 = b mod 2. Since b € [0,10], s takes on 1 and 0 equally likely. 
Therefore, the two shares give no information about the secret. 

If we have three shares, we can calculate the secret s. So for the example above, suppose 
we have three shares s, = 1, sg = 5, and s3 = 6. Then M = mymomz = 5-7-11 = 385, 
so M, = 77, Mz = 55, and M3 = 35. Therefore, by Euclidean Algorithm we can find u, 
and vj, for 7 = 1,2,3 such that: 


77u, + 5v, = 1; 
5du2 + 7vg = 1, 
35u3 + 11v3 = 1. 
Solving the three equations, we get: 
77 -(—2)+5-31=1, 
55-(-1)+7-8=1, 
35-6+11-(—-19) =1. 
Hence, s” = 77 - (—2) - s; + 55- (—1) - 82 + 35-6 -s3 = 831 mod 385 = 61 mod 385. 


Consequently, the secret s would be s = 61 mod 2 = 1 mod 2. So the secret s is 1. 
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Scheme 2 

This secret-sharing scheme is almost similar to scheme 1, but it deals with 
polynomials. 
Let F be a finite field and m;(z), i = 1,...,t be ¢ pairwise relatively prime polynomials 


of F[z] with degree greater of equal to 1. Then 
min[k] = min{deg(mi, mi, -+-mi,)|1 < 11 < +++ < te < th, 
mazlk — 1] = max{deg(mi, mi, -++mMiz,_,)|1 <tr < +++ < tp_1 < t}, 
where 1 <k <t. Let w be the largest positive integer such that 


e there is a polynomial W(x) of degree w over F with (W(xr),mi(x)) = 1 fori = 
1,2,...,¢; and 
min|k] 
~ maz[k — 1) 

The secret is a polynomial s(x) in F'[x] of degree less than w. The shares for t parties 
are computed as follows. 

Choose a(x) € Fz] such that deg(s(z) + a(z)W(x)) < min[k]. Let s’(z) = 
s(x) + a(x)w(x). The shares are then given by s;(z) = s’(x) mod mj, i = 1,2,...,t. 
Therefore, (k,t) is a threshold scheme. 

Suppose k shares s(x), 8o(zx),...,8%(z) are given. Let M(x) = [T[f, mi(zx), 


and M;(x) = an for j = 1,...,k. Then M;(x) and m,(x) are relatively prime. By 
Euclidean Algorithm, there exist two polynomials u;(x) and v;(x) in F[z] such that 
M;j(x)u;(x) + m;(x)v;(x) = 1. By the Chinese Remainder Algorithm, we have s'(x) = 
xia M;(x)u;(x)s;(2) mod M(x). Then the secret is given by s(x) = s'(x) mod W(z). 
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Chapter 5 


Conclusion 


In this short manuscript, we have shown some expansion and powerful applica- 
tions of the Chinese Remainder Theorem. It is amazing to see how the theorem evolved 
from the three basic problems of calendar, wall-building, and soldier-counting. Even 
though the theorem, first generated as a problem, is taken credit from the Chinese schol- 
ars, it was quite well-known in other parts of the world. Many other mathematicians 
were also trying to solve similar problem 

Here we discuss the applications of the theorem to finite sequence of integers, 
Dedekind domains, and briefly crytography. However, the Chinese Remainder Theorem 
is widely applied in other areas such as computing, and codes. We hope readers find this 


topic interesting enough to pursue further research on those areas. 


39 


Bibliography 


[DPS96] C. Ding, D. Pei, and A. Salomaa. Chinese remainder theorem, application in 
computing, coding, cryptography. World Scientific Publishing Co., Singapore, 
1996. 


[Gal06] Joseph A. Gallian. Contemporary abstract algebra. Houghton Mifflin, New York, 
sixth edition, 2006. 


[Hun74] Thomas W. Hungerford. Algebra-graduate texts in mathematics. Springer, New 
York, 1974. 


